Paolo
Thank you a lot for such detailed and scrupulous manuals.
They helped a lot of engineers to succeed.
I have a practical question about implementing Azure private DNS zones for existing resources that are being used via public IPs.
I am testing an implementation of private endpoints together with private DNS zones in a hybrid azure network (with on-prem part) for existing resources.
I have a setup as here: https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/private-link-and-dns-integration-at-scale
The problem is, as I mentioned, that the resources already exist and are used through external/public IPs (with firewalls, sure thing). As soon as I enable the setup between a private DNS zone and a DNS forwarder, nslookup from the private network starts using it with priority:
If the Private DNS Zone contains A-records created in advance, it works as expected: it resolves the private IP.
If it does not, it resolves nothing. I expected it to redirect me to a public DNS in Azure and resolve the public IP.
I have a lot of resources created in the past, I do not have the whole list of them, and the setup without pre-created DNS records in this case introduces potential issues and precludes a seamless implementation.
Do you know if it is possible to resolve a public IP from inside the virtual network with the existing private DNS zone if the A record does not exist?
For instance:
There is a DB exposed via a public IP with the name ylo_pc.database.windows.net.
I created a private DNS zone privatelink.database.windows.net and linked it to a DNS forwarder, but have not created an A-record yet (let's imagine that somewhere in another team people use a DB that I am not aware of),
and I cannot resolve ylo_pc.database.windows.net to the public IP from the private network if the A record does not exist.
Excuse me for the long description; I wanted to make the case detailed.
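The behaviour described in the issue (a linked private zone answers for every name under it, so a name with no record gets NXDOMAIN instead of falling through to public DNS) can be modelled with a small split-horizon resolver. The block below is an added example written for this page; it is not code from the issue author, from the linked Microsoft article, or from Azure. The hostname `ylo_pc` comes from the issue; the other hostnames, the CNAME chain, the IP addresses and the helper names (`resolve`, `shadowed_names`) are constructed assumptions. The `shadowed_names` audit is the check you would want to run over your inventory before linking the zone: it lists the names that resolve publicly today but would stop resolving once the zone is linked without a record.

```python
# Added example (not from the issue or from Microsoft/Azure): a toy split-horizon
# resolver that models how a Private DNS zone linked to a VNet shadows names.
# All hostnames, IPs and chains below are constructed; "ylo_pc" is from the issue.

PRIVATE_ZONE = "privatelink.database.windows.net"

# Constructed public DNS view: the public name CNAMEs into the privatelink zone
# and on to a public A record. Real chains differ per Azure service.
PUBLIC_DNS = {
    "ylo_pc.database.windows.net": ("CNAME", "ylo_pc.privatelink.database.windows.net"),
    "ylo_pc.privatelink.database.windows.net": ("A", "40.0.0.1"),
    "other-team-db.database.windows.net": ("CNAME", "other-team-db.privatelink.database.windows.net"),
    "other-team-db.privatelink.database.windows.net": ("A", "40.0.0.2"),
    "legacy.contoso.com": ("A", "203.0.113.10"),
}

# The private zone as linked to the VNet: only the record created in advance.
PRIVATE_ZONES = {PRIVATE_ZONE: {"ylo_pc": "10.0.1.4"}}

# Constructed inventory of existing resources that are reached by public IP today.
EXISTING_NAMES = [
    "ylo_pc.database.windows.net",
    "other-team-db.database.windows.net",
    "legacy.contoso.com",
]


def linked_zone_for(name, private_zones):
    """Return the linked private zone that is authoritative for name, if any."""
    for zone in private_zones:
        if name == zone or name.endswith("." + zone):
            return zone
    return None


def resolve(name, private_zones, public_dns=PUBLIC_DNS, max_hops=8):
    """Resolve name as seen from inside the VNet.

    A linked private zone is authoritative for every name under it, so a
    missing record yields NXDOMAIN rather than a fall-through to public DNS.
    Returns (source, ip) with source in {"private", "public", "nxdomain"}.
    """
    for _ in range(max_hops):
        zone = linked_zone_for(name, private_zones)
        if zone is not None:
            label = "@" if name == zone else name[: -len(zone) - 1]
            ip = private_zones[zone].get(label)
            return ("private", ip) if ip else ("nxdomain", None)
        record = public_dns.get(name)
        if record is None:
            return ("nxdomain", None)
        rtype, value = record
        if rtype == "A":
            return ("public", value)
        name = value  # follow the CNAME one hop further
    raise RuntimeError("CNAME chain too long for " + name)


def shadowed_names(names, private_zones, public_dns=PUBLIC_DNS):
    """Names that resolve publicly today but would break once the zone is linked."""
    broken = []
    for n in names:
        before = resolve(n, {}, public_dns)            # no private zone linked
        after = resolve(n, private_zones, public_dns)  # private zone linked
        if before[0] == "public" and after[0] == "nxdomain":
            broken.append(n)
    return broken


if __name__ == "__main__":
    for n in EXISTING_NAMES:
        print(n, "before link:", resolve(n, {}), "after link:", resolve(n, PRIVATE_ZONES))
    print("need a record (or a private endpoint) before linking:",
          shadowed_names(EXISTING_NAMES, PRIVATE_ZONES))
```

Against real Azure the same audit would replace the constructed `PUBLIC_DNS` with live lookups that follow the CNAME chain of each existing resource name; any chain that enters a zone you intend to link, while that zone holds no matching record, is a name that will stop resolving inside the VNet the moment the link is created, which is exactly the seamless-implementation problem the issue raises.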